diff --git a/ansible/roles/k8s_control/files/kube00.balsillie.house_init b/ansible/roles/k8s_control/files/kube00.balsillie.house_init
new file mode 100644
index 0000000..a86a41d
--- /dev/null
+++ b/ansible/roles/k8s_control/files/kube00.balsillie.house_init
@@ -0,0 +1 @@
+sudo kubeadm init --control-plane-endpoint=api.cluster.balsillie.house --cri-socket=unix:///run/containerd/containerd.sock --pod-network-cidr="10.208.0.0/16,2400:8907:e002:7c10::/64" --service-cidr="10.224.0.0/16,2400:8907:e002:7c11::/108" --apiserver-advertise-address="10.192.110.91" --apiserver-advertise-address="2400:8907:e002:7c02::91" --apiserver-bind-port=6443 --apiserver-cert-extra-sans="api.cluster.balsillie.house" --apiserver-cert-extra-sans="10.192.110.90" --apiserver-cert-extra-sans="10.192.110.91" --apiserver-cert-extra-sans="2400:8907:e002:7c02::90" --apiserver-cert-extra-sans="2400:8907:e002:7c02::91" --node-name="kube00" --service-dns-domain="cluster.balsillie.house"
diff --git a/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_installation.yaml b/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_installation.yaml
new file mode 100644
index 0000000..b88ec79
--- /dev/null
+++ b/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_installation.yaml
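Review bot: `--apiserver-advertise-address` is passed twice in this command, and kubeadm treats it as a single-valued flag, so most likely only the last value (`2400:8907:e002:7c02::91`) takes effect and the IPv4 address is silently dropped. Keep exactly one, e.g. `--apiserver-advertise-address="10.192.110.91"`, and rely on the repeated `--apiserver-cert-extra-sans` entries (a list flag) to cover the other address in the serving certificate. Because these flags fix the certificate SANs and the cluster CIDRs at bootstrap, a short header comment recording why each SAN is listed (presumably the `.90` / `::90` addresses are a shared API address) would make later review easier.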
@@ -0,0 +1,52 @@
+apiVersion: operator.tigera.io/v1
+kind: Installation
+metadata:
+ name: default
+spec:
+ calicoNetwork:
+ bgp: Enabled
+ hostPorts: Enabled
+ ipPools:
+ - blockSize: 20
+ cidr: 10.208.0.0/16
+ encapsulation: None
+ natOutgoing: Disabled
+ nodeSelector: all()
+ - blockSize: 116
+ cidr: 2400:8907:e002:7c10::/64
+ encapsulation: None
+ natOutgoing: Disabled
+ nodeSelector: all()
+ linuxDataplane: Iptables
+
+---
+
+apiVersion: projectcalico.org/v3
+kind: BGPConfiguration
+metadata:
+ name: default
+spec:
+ asNumber: 64622
+ serviceClusterIPs:
+ - cidr: 10.224.0.0/16
+ - cidr: 2400:8907:e002:7c11::/108
+
+---
+
+apiVersion: crd.projectcalico.org/v1
+kind: BGPPeer
+metadata:
+ name: opnsense-v4
+spec:
+ asNumber: 64623
+ peerIP: 10.192.110.254
+
+---
+
+apiVersion: crd.projectcalico.org/v1
+kind: BGPPeer
+metadata:
+ name: opnsense-v6
+spec:
+ asNumber: 64623
+ peerIP: 2400:8907:e002:7c02::0254
diff --git a/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_ip_reservation.yaml b/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_ip_reservation.yaml
new file mode 100644
index 0000000..f1bd4dc
--- /dev/null
+++ b/ansible/roles/k8s_network/files/cluster.balsillie.house/calico_ip_reservation.yaml
@@ -0,0 +1,23 @@
+apiVersion: projectcalico.org/v3
+kind: IPReservation
+metadata:
+ name: default-ipreservation
+spec:
+ reservedCIDRs:
+ - 10.208.240.0/20
+ - 2400:8907:e002:7c10:ffff:ffff:ffff:f000/116
+
+# Static IPs:
+#
+# DNS (Bind9):
+# 10.208.240.1
+# 2400:8907:e002:7c10:ffff:ffff:ffff:f001
+#
+# Nginx:
+#
+# Mail:
+#
+# Matrix:
+#
+# Turn:
+#
\ No newline at end of file
diff --git a/ansible/roles/k8s_network/files/cluster.balsillie.house/ippool.yaml b/ansible/roles/k8s_network/files/cluster.balsillie.house/ippool.yaml
new file mode 100644
index 0000000..95c20cf
--- /dev/null
+++ b/ansible/roles/k8s_network/files/cluster.balsillie.house/ippool.yaml
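Review bot: The two `BGPPeer` documents in calico_installation.yaml use `apiVersion: crd.projectcalico.org/v1` while `BGPConfiguration` in the same file uses `projectcalico.org/v3`; objects written straight to the CRD group skip the validation and defaulting Calico applies to v3 resources, so a malformed peer could be accepted without error. Use `apiVersion: projectcalico.org/v3` for both peers. Neither peer sets a `password` (`secretKeyRef`), so the sessions to `10.192.110.254` and its IPv6 counterpart are unauthenticated. With `natOutgoing: Disabled` and `serviceClusterIPs` advertised, pod and service addresses become directly routable from the upstream network, so access control rests on the router's firewall rules and on NetworkPolicy in the cluster; a comment in the file stating that dependency would help.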
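Review bot: The `# Static IPs:` ledger in calico_ip_reservation.yaml is the only record of which reserved address belongs to which service, and four of its five headings (Nginx, Mail, Matrix, Turn) are empty. As far as I know an `IPReservation` only keeps Calico IPAM from handing these addresses out automatically; it does not prevent two workloads from being manually given the same address, so the ledger should either be kept complete or point to the manifests that pin each address. The file also ends without a trailing newline.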
@@ -0,0 +1,13 @@
+apiVersion: projectcalico.org/v3
+kind: IPPool
+metadata:
+ name: default-ipv6-ippool
+spec:
+ allowedUses:
+ - Workload
+ - Tunnel
+ blockSize: 116
+ cidr: 2400:8907:e002:7c10::/64
+ ipipMode: Never
+ nodeSelector: all()
+ vxlanMode: Never
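Review bot: `default-ipv6-ippool` repeats the CIDR, block size and `nodeSelector` that calico_installation.yaml already sets under `spec.calicoNetwork.ipPools`, so the same pool is defined in two places. The Tigera operator normally creates its pools from the Installation, and I believe under this same name, which would make this manifest either redundant or a competing source of truth that can drift (`natOutgoing` is only stated in the Installation). Either drop the file or add a header comment such as `# Reference copy of the operator-managed pool; edit calico_installation.yaml instead`.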